Refactor the code into modules, it was getting unweildy.
This commit is contained in:
yackob03
parent
2611d70185
commit
ee5ea51532
12 changed files with 73 additions and 70 deletions
208
endpoints/index.py
Normal file
208
endpoints/index.py
Normal file
|
|
@ -0,0 +1,208 @@
|
|||
import json
|
||||
import urllib
|
||||
import json
|
||||
import logging
|
||||
|
||||
from flask import request, make_response, jsonify, abort
|
||||
from functools import wraps
|
||||
|
||||
from data import model
|
||||
from app import app
|
||||
from auth.auth import (process_auth, get_authenticated_user,
|
||||
get_validated_token)
|
||||
from util import parse_namespace_repository, parse_repository_name
|
||||
from auth.permissions import (ModifyRepositoryPermission,
|
||||
ReadRepositoryPermission, UserPermission)
|
||||
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
REGISTRY_SERVER = 'localhost:5003'
|
||||
|
||||
|
||||
def generate_headers(access):
|
||||
def add_headers(f):
|
||||
@wraps(f)
|
||||
def wrapper(namespace, repository, *args, **kwargs):
|
||||
response = f(namespace, repository, *args, **kwargs)
|
||||
|
||||
response.headers['X-Docker-Endpoints'] = REGISTRY_SERVER
|
||||
|
||||
has_token_request = request.headers.get('X-Docker-Token', '')
|
||||
|
||||
if has_token_request and get_authenticated_user():
|
||||
repo = model.get_repository(namespace, repository)
|
||||
token = model.create_access_token(get_authenticated_user(), repo)
|
||||
token_str = ('Token signature=%s,repository="%s/%s",access=%s' %
|
||||
(token.code, namespace, repository, access))
|
||||
response.headers['WWW-Authenticate'] = token_str
|
||||
response.headers['X-Docker-Token'] = token_str
|
||||
|
||||
return response
|
||||
return wrapper
|
||||
return add_headers
|
||||
|
||||
|
||||
@app.route('/v1/users', methods=['POST'])
|
||||
@app.route('/v1/users/', methods=['POST'])
|
||||
def create_user():
|
||||
user_data = request.get_json()
|
||||
model.create_user(user_data['username'], user_data['password'],
|
||||
user_data['email'])
|
||||
return make_response('Created', 201)
|
||||
|
||||
|
||||
@app.route('/v1/users', methods=['GET'])
|
||||
@app.route('/v1/users/', methods=['GET'])
|
||||
@process_auth
|
||||
def get_user():
|
||||
if not get_authenticated_user():
|
||||
abort(401)
|
||||
|
||||
return jsonify({
|
||||
'username': get_authenticated_user().username,
|
||||
'email': get_authenticated_user().email,
|
||||
})
|
||||
|
||||
|
||||
@app.route('/v1/users/<username>/', methods=['PUT'])
|
||||
@process_auth
|
||||
def update_user(username):
|
||||
permission = UserPermission(username)
|
||||
|
||||
if permission.can():
|
||||
update_request = request.get_json()
|
||||
|
||||
if 'password' in update_request:
|
||||
logger.debug('Updating user password.')
|
||||
model.change_password(get_authenticated_user(),
|
||||
update_request['password'])
|
||||
|
||||
if 'email' in update_request:
|
||||
logger.debug('Updating user email')
|
||||
model.update_email(get_authenticated_user(), update_request['email'])
|
||||
|
||||
return jsonify({
|
||||
'username': get_authenticated_user().username,
|
||||
'email': get_authenticated_user().email,
|
||||
})
|
||||
|
||||
abort(403)
|
||||
|
||||
|
||||
@app.route('/v1/repositories/<path:repository>', methods=['PUT'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(access='write')
|
||||
def create_repository(namespace, repository):
|
||||
image_descriptions = json.loads(request.data)
|
||||
|
||||
repo = model.get_repository(namespace, repository)
|
||||
|
||||
if repo:
|
||||
permission = ModifyRepositoryPermission(namespace, repository)
|
||||
if not permission.can():
|
||||
if get_validated_token() or get_authenticated_user():
|
||||
abort(403)
|
||||
else:
|
||||
abort(401)
|
||||
else:
|
||||
if not get_authenticated_user():
|
||||
abort(401)
|
||||
|
||||
if get_authenticated_user().username != namespace:
|
||||
abort(403)
|
||||
|
||||
logger.debug('Creaing repository with owner: %s' %
|
||||
get_authenticated_user().username)
|
||||
repo = model.create_repository(namespace, repository,
|
||||
get_authenticated_user())
|
||||
|
||||
new_repo_images = {desc['id']: desc for desc in image_descriptions}
|
||||
added_images = dict(new_repo_images)
|
||||
for existing in model.get_repository_images(namespace, repository):
|
||||
if existing.image_id in new_repo_images:
|
||||
added_images.pop(existing.image_id)
|
||||
else:
|
||||
existing.repositoryimage.delete()
|
||||
|
||||
for image_description in added_images.values():
|
||||
image = model.create_image(image_description['id'])
|
||||
model.assign_image_repository(repo, image, image_description['Tag'])
|
||||
|
||||
response = make_response('Created', 201)
|
||||
return response
|
||||
|
||||
|
||||
@app.route('/v1/repositories/<path:repository>/images', methods=['PUT'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(access='write')
|
||||
def update_images(namespace, repository):
|
||||
permission = ModifyRepositoryPermission(namespace, repository)
|
||||
|
||||
if permission.can():
|
||||
image_with_checksums = json.loads(request.data)
|
||||
|
||||
for image in image_with_checksums:
|
||||
model.set_image_checksum(image['id'], image['checksum'])
|
||||
|
||||
return make_response('Updated', 204)
|
||||
|
||||
abort(403)
|
||||
|
||||
|
||||
@app.route('/v1/repositories/<path:repository>/images', methods=['GET'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(access='read')
|
||||
def get_repository_images(namespace, repository):
|
||||
permission = ReadRepositoryPermission(namespace, repository)
|
||||
|
||||
# TODO invalidate token?
|
||||
|
||||
if permission.can():
|
||||
all_images = []
|
||||
for image in model.get_repository_images(namespace, repository):
|
||||
new_image_view = {
|
||||
'id': image.image_id,
|
||||
'tag': image.repositoryimage.tag,
|
||||
'checksum': image.checksum,
|
||||
}
|
||||
all_images.append(new_image_view)
|
||||
|
||||
resp = make_response(json.dumps(all_images), 200)
|
||||
resp.mimetype = 'application/json'
|
||||
|
||||
return resp
|
||||
|
||||
abort(403)
|
||||
|
||||
|
||||
@app.route('/v1/repositories/<path:repository>/images', methods=['DELETE'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(access='delete')
|
||||
def delete_repository_images(namespace, repository):
|
||||
pass
|
||||
|
||||
|
||||
@app.route('/v1/repositories/<path:repository>/auth', methods=['PUT'])
|
||||
@parse_repository_name
|
||||
def put_repository_auth(namespace, repository):
|
||||
pass
|
||||
|
||||
|
||||
@app.route('/v1/search', methods=['GET'])
|
||||
def get_search():
|
||||
pass
|
||||
|
||||
|
||||
@app.route('/_ping')
|
||||
@app.route('/v1/_ping')
|
||||
def ping():
|
||||
response = make_response('true', 200)
|
||||
response.headers['X-Docker-Registry-Version'] = '0.6.0'
|
||||
return response
|
||||
Reference in a new issue